3 matches found
CVE-2026-44263
Weblate before 5.17.1 exposed private translations via the Screenshot API, Task, and component link APIs, enabling enumeration of translations in projects not accessible to the user. Root cause: these API surfaces allowed access to translation metadata, leaking otherwise inaccessible content. Imp...
EUVD-2026-28387
Weblate Vulnerable to Private Translation Enumeration via Screenshot API...
Weblate Vulnerable to Private Translation Enumeration via Screenshot API
Impact The screenshots, tasks, and component link API allowed for the enumeration of translations in a project inaccessible to the user. Patches https://github.com/WeblateOrg/weblate/pull/19258 Acknowledgement Weblate thanks Luay for reporting this vulnerability according to the organization's...